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S^ORKS DEVICE ESTABUSHING CONNECTIONS BETWEEN TWO SUBSCRIBERS IN TWO DIFFERENT 

Technical Field 

The present invention relates to the communication between terminals m Internet 
5 Protocol (IP) based networks. 

Background 

The Internet is being used to an increasing degree for commercial communication. In 
particular there is a demand for real-time applications for voice, image and data in 
10 decentralized corporate data networks. 

With present technology, companies may connect several Intranets and remote users 
in an Internet Virtual Private Network (I- VPN). 

A Virtual Private Network (VPN) may comprise a number of zones, or subnetworks. 
15 For example each department in a company may have its own zone all zones bein^ 
connected to one large network. Each zone has its own gatekeeper, which holds 
information about all addresses in its own zone 

There are known solutions for letting end users in a network communicate by means 
20 of a gatekeeper within a zone or via a location service, but direct communication 
between the different gatekeepers is not handled today. 

Summary of the Invention 

It is an object of the present invention to provide a Virtual Private Network (VPN) 
25 with mtemal zones, in which direct communication between the different zones is 
enabled. 

It is another object of the invention to enable the roaming between different zones in 
a VPN. 

30 
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means, 


These objects are achieved according to the invention by a zone management 
which is connected to the gatekeepers of all the zones in the VPI. 

The zone management means holds information about all addresses found in 
gatekeepers in the VPN and assists in the address resolution within a VPN. 

The solution according to the invention offers the following advantages: 

- Roaming in the network is supported, that is, users are enabled to move between 
different terminals and different zones in the network. 

- A private network for audio, video and/or data communication ,s created which 
composes uitemal zones and which can cooperate with external clients and location 

services. 

- The network accordtng to the invention promotes distnbunon of functionality w.th 
respect to TCP/IP. 


Brief Description of the Drawings 

Figure 1 shows a connection between two end users in a zone, assisted by a 
gatekeeper, according to prior art; 

Figure 2 shows a connection between two end users in different zones, assisted bv 
gatekeepers and a zone management means, aceordmg to the invention- 
F.gure 3 shows the signalling that takes place when a connection between two end 
users in different zones is set up, according to the mvention; 

Figures 4A and 4B show the s.gnailtng that takes place when a new gatekeeper is to 
be reg,stered and unregistered, respectively, with the zone management means 
Figures 5A and 5B show the signaling that takes place when a new endpotnt is to be 
registered, respectively, with the zone management means; and 
Figure 6 illustrates the principles for roaming in t he network according to the 


invention. 
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Detailed Description of Embodiments 

F.gure , ,s a sche mat ,c drawng of a connection between two end users , m . zone 
or a pnvate network, assisted by a gatekeeper 5, as common in the art The 

_ gatekeeper 5 holds ^formation about the location of al, addresses belonging to „s 

3 zone, and also sets up connections within the zone. 

The solution accordtng to the invention may be unplemented m anv ktnd of data 
nenvork. For srmplicity, a pro.oco. known as H.323, whtch ,s a de facto standard m 
^ audto, vtdeo and/or data commutucation, w.l, be used as a bas.s for the discusston. 

Figure 2 is a schematic drawtng of a network accordtng to the mvention The 
network is divided into different zones n !-• u 

, , , , . _ u °" eS 1 J - 1 J • each zone compnsmg a gatekeeper 

I.. 16 Each end user H, II ' is connected the gatekeeper 15. 15' of me zone ,3 
13' to winch ,t belongs. All gatekeepers are connected to one zone management ' 
means ,7, accordtng to the invent.on. The zone management means 17 comprises a 
.able 19 of the logtca, addresses, or altas addresses, of a„ reg.stered end pomts m a„ 
zones of me networked the zone m which each end pom, is reg.stered. 

An end user 1 1 who wtshes to establish a connection to another end user ,1 • m a 

different zone, uutiates tins bv stalling to the gatekeeper !5. The gatekeeper 15 

quests the destination from the zone management means !, The zone management 

means 17 mforms the gatekeeper 15 of the physical location of the end user 1 r to 
wluc h the connection , s tQ b£ se( up ^ 5ignaiimg betweM ^ ^ 

of the two networks then proceeds m the way common in the art. 

If the H.323 protocol ,s used, the s.gnalltng that takes p.ace W1 „ be as shown tn more 
detail in Figures 3, 4A, 4B. 5A and 5B. 

Figure 3 shows the signaling that takes place when an end user 1 1 m one zone 13 
wishes to set up a connection to another end user 11 ' in a different zone 13'. 
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The end user 1 1 who wants to set up a connection to another end user 1 1 \ sends an 
Address Request (ARQ) signal to its gatekeeper 15. The ARQ signal comprises the 
following: 

- the destination alias address (the address of the receiving end user 11') 

5 - the Destination Call Signalling Address (normally the address of the receiving end 
user IT) 

- the Source Alias Address (the address of the end user 1 1 initiating the connection) 

- the Source Call Signalling Address (normally the address of the end user 1 1 
initiating the connection) 

10 - the desired bandwidth 

- The desired Call Model 

The gatekeeper 15 sends a Zone Request (Zone RQ) signal comprising the 
Destination Alias Address of the receiving end user 1 1 ' to the zone management 
15 means 17. 


The zone management meanvl7 responds by sending a Zone Confirmation (Zone 
CF) signal to the gatekeeper 15, comprising the message 

DestinationOkWellKnownRasAddress, which indicates that the address has been 
20 located. (RAS xAddress = Registration Admission and Status Address) 

The gatekeeper 15 can then send a Location Request (Location RQ) signal to the 
gatekeeper 15' of the zone to which the receiving end user 11' belongs. 

25 The gatekeeper 15' responds by sending a Location Confirmation (Location CF) 
signal to the gatekeeper 15, comprising the Destination Call Signalling Address 

The gatekeeper 15 responds to the end user 1 1 with an Address Confirmation (ACF) 
signal comprising the following information: 
30 - the bandwidth available/allocated 
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- the call model to be used 

- the destination call signalling address 

The end user 1 1 then sends a Setup signal to the gatekeeper 15 comprising the 
5 following information 

- bearer capability 

- user to user information 

The gatekeeper forwards the information in the setup signal to the receiving end user 

io ir. 

The receiving end user IT sends an Address Request (ARQ) signal to its gatekeeper 
15 \ comprising the following information: 

- the destination alias address 

15 - the Destination Call Signalling Address 

- the Source Alias Address 

- the Source Call Signalling, Address 

- the desired bandwidth 

- The desired Call Model 

20 

The gatekeeper 15' responds by sending an Address Confirmation (ACF) signal to 
the end user 11', comprising the following information 

- Bandwidth 

- Call Model 

25 - Destination Call Signalling Address 

The receiving end user 1 V then sends a Connect signal to the gatekeeper 15 in the 
zone of the sending end user 1 1, comprising the following information: 

- Transport Address H.245 Control Channel 
30 - Destination endpoint Type 
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The gatekeeper 1 5 forwards the Connect signal to the end user 11. 

Hgure 4A shows the signalling that takes place between a gatekeeper 15 15' and a 
zone management means 17 when a new gatekeeper is to be registered with the zone 
management means 17, lf the H.323 protoco, 1S used. The gatekeeper 15, 15' sends a 
Gatekeeper Registration Request , GKRRQ, comprising the 
GatekeeperWellKnownRasAddress, which is the address by which the Gatekeeper 
13, 13 is known i„ the network, to the zone management means 17 The zone 
management means 17 responds with a Gatekeeper Registration Confutation 
Gk_RCF, signal comprismg the Zoneldentifier, which is the identification to be 
used for the zone of the new gatekeeper, to confirm that the gatekeeper has been 
registered as a gatekeeper for this zone. 


F *" 4B Sh ° WS ^ ***** * at lak « between a gatekeeper ,5 and . 20ne 
management means ,7 when an exisfing gatekeeper 15 ,s to be unreg.stered, tha, is 
deleted from the domain ofthe zone management means 17. Again the H 323 
protocol .s assumed. The gatekeeper ,5 sends a Gatekeeper Unreg.strat.on Request 
GK_(jRQ, to the zone management means 17, comprismg the Zoneldentifier The ' 
-0 zone management means 17 responds by sendang a Gatekeeper Unregistration 
Confirmation, GK_UCF, s.gnal back to the gatekeeper 15, compnsmg the 
NumberOfEndPou,,sUnreg.s,ered, wtuch ind.cates how many end pornts are 
connected to the gatekeeper 15 tha, has been unregistered. The GK UCF signal 
_ confirms that the gatekeeper !5, ,s no longer regIstered Wlth ^ ^ 
means 17. 

figure 5A shows the s.gnal.ing that takes p,ace between and endpomt, tha, ,s a user 
terrrunal 1 1. and a gatekeeper 15, and between a gatekeeper 15 and a zone 
management means 1 7, when a new endpom, „ ,s to be reg.s,ered, according to 

■>u H.o2j protocol. First the new endpoint 1 1 send* » p»„- - ■ o 

lupomr 1 1 sends a£egi S tranon Request, RRQ signal 

to its gatekeeper 1 5, comprising the following 
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- CallSignallingAddress - The address of the gatekeeper 15 

- RAS_Address - Registration Admission and Status Address 

- TerminalType - The type of terminal connected at the end point 1 1 

- AliasAddress - The address by which the new end point 1 1 will be known in the 
5 network 

The gatekeeper 15 sends an End Point Registration Request, EP_RRQ ; signal to the 
zone management means 17, comprising the following: 

- EndPointldentifier - identifying the new end point 1 1 

10 - Zoneldentifier - identifying the zone in which the new end point is found 

- AliasAddress - the address by which the new end point will be known in the 
network 


The zone management means 17 responds to the gatekeeper 15 by sending an End 
15 Point Registration Confirmation, EP_RCF, signal, comprising the AliasAddress of 
the new end point 11. 

The gatekeeper 15 then Responds to the new end point 1 1 with a Registration 
Confirmation, RCF, signal comprising the following: 

- GK_CallSignalAddress - the address of the gatekeeper 
20 - EndPointldentifier - the identifier of the new end point 1 1 

The new end point 1 1 has now been registered with the gatekeeper 15 and the zone 
management means 17. 

Figure 5B shows the signalling that takes place when an existing endpoint 1 1 is to be 
25 unregistered, that is, now longer to be connected to the gatekeeper 15. 

First the new endpoint 1 1 sends a Unregistration Request, URQ, signal to its 
gatekeeper 15, composing the following: 

- CallSignallingAddress - the address of the gatekeeper 15 

- EndPointldentifier - the identifier of the end point 1 1 to be unregistered 

30 - AliasAddress - the address by which the end point 1 1 is known in the network 
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The gatekeeper 1 5 sends an End Point r i„ ■ 

the^n. '"a Point Unregistrarion Request EP rn?r> 

-End* '»«de ntlfi e r - id e ntifyulgthenewendpointii * 

The zone management means 1 7 resnnnHc , u 
10 the end point 1,. " ' ™ m P™"$ the AiiasAddress of 

15 

-d potnts, 2,a, 2,b, 21c in a fo t ZO ne ,3 A ° f 

0*e r end points 2 ,d, 2,e in a sec(md " to a first gatekeeper 25. 

2" 25-. Both g ate te epe rs 25. 25 • are connected » * * * 

nn«ted to a zone management means 27. 

Each gatekeeper 25 25' is ak„ 

— ei , The damba : :r: e : d :° a database m ™ s 29 - »■ 

-rwces assigned to each end po ,ntV Ia ° f about the 

25 database means 29, 29' belong " ' " "* ^ 23 ' '° «* 

^enta. series as * ' — or the 

-ces are execute, tn execution means 3^ , " redlreCt, ° n ^ 

and j respectively. 

For roarmng to be possibie.rheiogicai addresses of ail e„ d 
0 must be unique in the whole network The P0U " S " 21a ' 2 

-.u de the name of the zone to which the ZT^T" "* » 

user belongs ,n the name. ,„ Ms Kmnpl 


le 
s to 
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this would mean that a user ■> U m A f 

or another ^ '* ^ ° f - ~ 

-*n * ™ved t0 ^ ™- ™e user n^, keep ^ 

5 "»e »ne name rmght be changed 

^- 21 a whowishestomove 

S-ekeeper U - in the „ ew 20ne 2y ^ ™ 2 > '° ™*<" 23 registers w , h , 
—Semen, means 27 ^ ^ 8 ^ *' then ^ ^ 
--keeper 25>. Tne ^ J " ^ " »" « • 

'» ^odtmen, of the ,.„ vennon -or dlng to F , gure ^ ^ ^ 

A « sh 0wn in Flg „ e JB _ before - 3 <*«»»«. from the ft* gatekeep 
fte 20ne ~ « - new gatekeeper fc 

firs, gatekeeper 25. a«omanca )ly de , et e s a, user ^ ^ 

15 TheServicesa "'»>ed tot he user2 , a;< 

* *» *^ 25. When the use;;;::' "* dambaSe — « connected 
-ords be.ongi,, t0 ^ '-'•«<*,. to a different 20 „e, the serv.ce 

— cted to the new gatekeeper 25 I » "* d "*« — »• 

routed tn the execution means 3 r of J " ^ " " *e„ be 

> * -ce records u, the first da T ^ ^ * ~ - 

— wouid be carried out m ^ J? ^ "* <* * 

executton means 3, ofthe first 20 „e 23. 
Moving within one zone mav a ■ 
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CLAIMS 

xts^^.^^-— -.0.,-.!. 

. gatekeeper (15, ,5-,, said apparatus „ com j' 3 ' *ed by 

•wo -ones (13, 13') m the network ""^ t0 **"«P« of at leas, 

characterized it, that it comprises: 

'° - conn «tions to the gatekeepers (15 ij-w.ii 

r ""WJ, 15 ) of all zones (13 n'li n »k. 

- information about the jj J m * e network 

"out the logical addresses of user terminals (11 , 
ferent zones (13, 13-) ™ s,u ' 11 ) found in the dif- 

2. An apparatus according to claim 1 ,1, 

.0 one gatekeeper (,5) may re* 7 CharaC ' er,Zed » *« ' -briber connected 
05) may reg,s,er temporarily with another gatekeeper (,5-,. 

3. An apparatus according to claim i n -i ■ 

H.323 protocol signallmg / ' C " araCteri2ed » *** " «*P*d for 

0 4 A meth ° d f ° r a connection bet.een a sendin 

arecei^gusertentunaldrieaeh^ , VI) *a 

vi 1 ; eacn one of said terminal ri 1 h»m. • 

" 8Udi0 ' ™*or data communication netwoZ ' ^ ^ " 

03, .3') of a larger data communication neITl a h ^ ^ 

aged by a gatekeeper (15, ,5', ' * "** ( ' 3 ' l3 '»^» 


aged by a gatekeeper (15, 15 >) 
characterized by the following steps 


U -> A requesting an address for a c j 
^ a second zone (13*); eCOnd USer tem ^al ( ] i>) 
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- Requesting information about the second zone (13') in which the second user ter- 
minal (IT) is found, and the gatekeeper (15 ? ) of this zone (13'), from an apparatus 
(17) comprising information about all user terminals (11. 1 T); 

- Locating the second user terminal (1 V) in the second zone (13'); 

5 - Disconnecting the connection to the zone management means (17); 

- Establishing the connection between the first (11) and the second (IT) user termi- 
nal. 

5. A method according to claim 4, characterized in that the signal sent from the 
10 first user terminal is an address request signal according to H.323 protocol. 

6. A method according to claim 4 or 5 ; characterized in that the identification of 
the second zone (13') is carried out in the following steps: 

- Sending a zone request signal from the gatekeeper (15) to the zone management 
15 means (17); 

- Sending a location request signal from the zone management means (17) to the 
gatekeeper (15') in the zone of the receiving user terminal (IT); 

- Sending a location confirmation signal from the gatekeeper (15') to the zone man- 
agement means (17); 

20 - Sending an address confirmation signal from the zone management means (1 7) to 
the gatekeeper (15). 

7. A method according to any one of claims 4, 5 or 6, characterized in that the sec- 
ond user terminal (11 ') in the second zone (13") is located, and the connection be- 

25 tween the first (11) and the second (IT) user terminal is set up, in the following 
steps: 

- Sending a setup signal from the sending end user (1 1) to the gatekeeper (15) r 
specifying the bearer capability; 

- Sending the information in the setup signal from the gatekeeper (15) to the re- 
30 ceiving end user (IT); 
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CS" ^ *" *" - - ( ■ . .o ,,s ga , 

OH" 8 ^ <- *» - — to the end 


user 


- Sending a correct signal from re 

sending end user (1 1)- (' ' ) to the gatekeeper of the 

„ _ 

deeper (,5, , n md aI1 ^ ' ' ~* -e managed by . 

(17) according to any one of claims 1-3. "* mana 8 enl ™ ™ans 


WO 98/59467 PCT/SE98/01204 



SUBSTITUTE SHEET (RULE 26) 

BNSDOCID: <WO 9859467A2_I_> 


p CT/SE98/01204 




J — ( 

O 




-« — > 


CO 

I 1 

o 


o 







— < cu 





1 

QJ TD 





SUBSTITUTE 


SHEET (RULE 


26) 


WO 98/59467 


PCT/SE98/01204 


3 /S 

Gatekeeper 


*GatekeeperWellKnownRasAddress 
GK RiT 

*Zone:dentifier 


FIG.4A 


Zonekeeper 

GK_RRQ 


Gatekeeper 

Zonekeeper 


GK URO 

*Zone'dentifier ✓ 


gk_u:f 


*NumD?rOfEndPioatsUnregistered 




FIG.4B 


SUBSTITUTE SHEET (RULE 26) 


WO 98/59467 


PCT/SE98/01204 


Endpoint 


*CallSignaliingAddress 
*RAS_Address 
*TerminalType 
*AliasAddress 


RCF 


4/5 

Gatekeeper 


r GK_CaliSignal Address 
'EndPointldentifier 


Zonekeeper 


EP RRQ 


EndPointldentifier 
Zoneldentifier 
*AliasAddress 


,EP RCF 


L AliasAddress 


FIG.5A 


Endpoint 


URQ 


*CallSjgnallingAddres£ 

'Endpointldentifier 

"AliasAddress 


.UCF 


Gatekeeper 


Zonekeeper 


EP_URQ 


^EndPointldentifier 

*ZoneIdentifier 

*AliasAddress 

EP_UCF 
*AliasAddress 


FIG.5B 


BNSDOCID; <WO 98S9467A2_I_, 


SUBSTITUTE SHEET (RULE 26) 


WO 98/59467 


PCT/SE98/01204 


s/s 



FIG.6 


SUBSTITUTE SHEET (RULE 26) 

BNSDOCID- <WO 9859467 A2_l_> 


WORLD INTELLECTUAL PROPERTY ORGANIZATION 
International Bureau 



PCT 

INTERNATIONAL APPLICATION PUBLISHED UNDER THE PATENT COOPERATION TREATY (PCT) 


(51) International Patent Classification 6 
H04L 12/46, 12/56 


A3 


(11) International Publication Number: WO 98/59467 

(43) International Publication Date: 30 December 1998 (30.12.98) 


(21) International Application Number: PCT/SE98/01204 

(22) International Filing Date: 22 June 1998 (22.06.98) 


(30) Priority Data: 

9702384-0 


23 June 1997 (23.06.97) 


SE 


(71) Applicants (for all designated States except US): TELEFON- 

AKTIEBOLAGET LM ERICSSON (publ) [SE/SE]; S-126 
25 Stockholm (SE). TELIA AB [SE/SE]; S-123 86 Farsta 
(SE). 

(72) Inventors; and 

(75) Inventors/Applicants (for US only): KANTER, Theo [NL7SE]; 
Rdnninge Skolvag 35E, S- 144 62 Ronninge (SE). RYDE, 
Anders [DK/SE]; Kyrkvagen 21, S-133 34 Saltsjdbaden 
(SE). FRISK, Claes [SE/SE]; Blacksvampsvagen 89, 
S-141 60 Huddinge (SE). SVENNEVIK, Anders, Christian 
[SE/SE]; Dalagatan 231 o.g., S-113 24 Stockholm (SE). 

(74) Agents: HERBJ0RNSEN, Rut et al.; Aibihns Patentbyra 
Stockholm AB, P.O. Box 3137, S-103 62 Stockholm (SE). 


(81) Designated States: AL, AM, AT, AU, AZ, BA, BB, BG, BR, 
BY, CA, CH, CN, CU, CZ. DE, DK, EE, ES, FI, GB, GE. 
GH, GM, GW, HU, ID, IL, IS, JP, KE, KG, KP, KR, KZ, 
LC, LK, LR, LS, LT, LU, LV, MD, MG, MK, MN, MW, 
MX, NO, NZ, PL, PT, RO, RU, SD, SE, SG, SI, SK, SL, 
TJ, TM, TR, TT, UA, UG, US, UZ, VN, YU, ZW. ARIPO 
patent (GH, GM, KE, LS, MW, SD, SZ, UG, ZW), Eurasian 
patent (AM, AZ, BY, KG, KZ, MD, RU, TJ, TM), European 
patent (AT, BE, CH, CY. DE, DK, ES, FI, FR, GB, GR, 
IE, IT, LU, MC, NL, FT, SE), OAPI patent (BF, BJ, CF, 
CG, CI, CM, GA, GN, ML, MR, NE, SN, TD, TG). 


Published 

With international search report. 

(88) Date of publication of the international search report: 

1 April 1999(01.04.99) 


(54) Tide: METHOD AND DEVICE FOR ESTABLISHING CONNECTIONS BETWEEN TWO SUBSCRIBERS IN TWO DIFFERENT 
SUBNETWORKS 





15 


15' 

// ^ 

11 

-13 

u 1 


-13" 


(57) Abstract 

The present invention relates to a method and an apparatus for establishing connections between tow subscribers in an Internet 
Protocol (IP) based network, said network being divided into zones, or subnetworks, each zone being managed by a gatekeeper (15, 15'; 
25, 25'). All gatekeepers are connected to a zone management means (17; 27), which holds information about the logical addresses of all 
user terminals (II, 11*). A first user (11) in a first zone (13) managed by a first gatekeeper, who wishes to establish a connection to another 
user (11') in another zone (13*) managed by a second gatekeeper (15') sends a request to the first gatekeeper (15), from which the request 
is forwarded to the zone management means (17). The zone management means (17) requests the address from the second gatekeeper (15') 
and returns an address confirmation, so that the connection may be set up. 
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